CCIE Challenge 4: Troubleshoot Ticket 2

This is the second troubleshooting challenge. I would rate this a 2 / 3p ticket. You can find the configs of the routers here. For those of you using EVE I included the UNL file in there. The topology is as follows: R1 wants to be able to reach R6 via telnet. Match the output below. R1#telnet 2002:C0A8:3806::6 Trying 2002:C0A8:3806::6 ... Open R6>exit [Connection to 2002:C0A8:3806::6 closed by foreign host] You are not allowed to change anything on R4.

CCIE Challenge 3: MPLS L3VPN

This challenge is split up in four parts. Make sure you achieve the desired goals, even after multiple reboots of the routers in your topology. The initial config files can be downloaded here: CCIEChallenge3_initial.zip General restrictions: You are not allowed to modify any IP address on any interface You are not allowed to introduce any new interfaces Part 1: IGP. Configure OSPF area 0 on the links between R7, R8, R11 and R12 Lo0 is part of OSPF area 0 Configure EIGRP as 100 on the links between R8, R9, R10, R13 and R12 Make sure the EIGRP process supports delay measured in picoseconds Lo0 on R10 and R13 should be D EX routes Lo0 on R9 should be part of EIGRP as 100 as a native EIGRP route Configure RIP on the links between R7, R5, R6, R8 and R9 Redistribute between all processes on all possible routers Part 2: iBGP.

CCIE Challenge 2: Troubleshoot Ticket 1

This #CCIEChallenge is a troubleshooting ticket for your pleasure. Depending on where you are in your CCIE prep you should be able to fix this ticket in 10 minutes. It would be comparable to a 3 or 4 point ticket. The config files can be downloaded here: CCIEChallenge2.zip R1 and R4 should be able to ping each other. Match the following output. R1 should always select its path through R3, even when R3 has suffered a failure and has returned to operations.

CCIE Challenge 1: DMVPN FVRF local breakout

So, this is the first CCIEChallenge created by me. You need to achieve the following to pass the challenge: In the topology, please ignore R15. It has no role in this assignment. The initial config files can be downloaded here: CCIEChallenge1_initial.zip Set up a DMVPN between R14 (hub), R10 and R11 (spokes) This DMVPN needs to use the default route the routers have received from R12. The links between R12 and the other routers are part of the INTERNET VRF, the DMVPN should be member of the global routing table.

NAT

NAT is a confusing technology. Many people have difficulties understanding it. Myself included. This causes problems during configuration and troubleshooting. This post is for me to put everything in order and help myself understand NAT. Terminology When using NAT you work with several terms: Inside Local Inside Global Outside Local Outside Global Inside Local The inside local address is an address on the inside of your network. Most of the time these are RFC1918 addresses and are not routable on the internet.

BGP route reflector challenge answer

This will be a short post. This post is just to supply a somewhat detailed answer to a tweet I sent out earlier this evening. When you have 3 iBGP routers. One of them is a route reflector. The other two are clients. If the cluster-id of the route reflector is the same as the router-id of one of the clients. What will happen when the client receives an update from the route reflector?

BGP peer group vs. BGP templates

Most people who have done a little more than basic BGP configuration have encountered BGP peer groups. These groups help you manage larger configurations, or at least that is what you’ve been told. BGP peer groups are not designed to manage large BGP configurations. That’s what BGP templates are for. But if that’s the case what are the peer groups used for? And what’s the difference between the two? This post will answer exactly those questions.

Second CCIE Lab attempt

So, my second attempt also resulted in a fail. This time was different though. While during my first attempt I was largely overcome by nerves and daunted by the sheer size of the lab that wasn’t the problem for this attempt. Of course I still had my share of nerves before the start, but it was nowhere near as bad. Last time I failed due to time restraints. I wasn’t able to finish the lab.

OSPF / BGP path selection challenge

Today I’ve created a nice path selection challenge for everybody. Let’s start with the topology: IP addressing is simple. The subnets used are 10.0.xx.y/24 where xx are the numbers of the two routers on the link (lowest router first). Y is the router number. The situation is as follows: - R2 has an eBGP peering with R1. It receives tge default route from R1. - R2 advertises this default route to R3 - R2 and R3 also form an OSPF network with area 0 - R2 forms an OSPF NSSA area 50 with R4 - R2 redistributes the connected route to R1 into OSPF - R3 forms an OSPF NSSA area 50 with R5 - R4 redistributes OSPF NSSA 50 into BGP (including NSSA external routes) - R5 redistributes (i)BGP routes into OSPF

IPSec for DMVPN with Front Door VRFs

When you look at the blueprint for the CCIE lab exam you’ll notice a lot of separate items. These often appear as disparate things. When you study them you think you understand them and are able to apply them during a test. However, they don’t test your ability to configure separate technologies in isolated environments. They will test whether you understand the technologies and are able to combine them to make a solution work.